
#MicroFocusCyberSummit Preparing for When Your Organization Will be - PowerPoint PPT Presentation



  1. #MicroFocusCyberSummit

  2. Preparing for When Your Organization Will be Breached: Prioritizing and Protecting. Paulo Veloso, Shogo Cottrell. #MicroFocusCyberSummit

  3. What’s happening in the market? “Approximately 40,000 Tesco Bank accounts were compromised in a cyberattack” (November 2016). 98% of companies were victims of cyber attack in the year 2016 (Ponemon Institute Study). 66% of consumers will stop doing business with a company that has suffered a cyber breach (Study by Centrify).

  4. The World is Feeling the Economic Pressures. World Economic Forum – 2018 Global Risk Report: Top 10 risks in terms of likelihood: #3 – Cyber attacks. 2015: Attack on Ukraine’s power grid shut down 30 substations, interrupting power to 230,000 people. 2016: SWIFT attack led to the theft of US$81 million from the central bank of Bangladesh. Today: European Aviation Safety Agency has stated their systems are subject to an average of 1,000 attacks each month. Global interconnectedness continues to expand the attack surface.

  5. What is the Impact? Cost of breach as high as $74 million (Ponemon Institute study). 40% increase in data breach last year (Identity Theft Resource Center). 90% CFOs claim cyber-security concerns as the primary reason to implement new software security tools (BDO Survey, 2015).

  6. Cyber Risk Increased. The new battlefield: Vanishing perimeter; Perimeter in your pocket; Defending interactions between users, apps, and data. Patch or perish: Back to the basics; Unintended consequences; Vendor transparency. Monetization of malware: Ransomware; ATM-malware; Banking Trojans.

  7. Cycle of Security – Breaking the Cyber Kill Chain

  9. Security Focus Areas – What to Prioritize and Protect. IDENTITY & ACCESS: Adaptive Identity governance; Adaptive access management; Adaptive privileged users. APP SECURITY: Static, Dynamic, & Runtime application testing; Application security-as-a-service. ENDPOINT SECURITY: Lifecycle management; Patching & containerization; Application virtualization; Mobile & server management. ANALYTICS & MACHINE LEARNING. DATA SECURITY: Data de-identification (encryption/tokenization); Key management; Hardware-based trust assurance; Messaging security. SECURITY OPERATIONS: Real-time detection; Workflow automation; Open source data ingestion; Hunt and investigation. GOVERNANCE, RISK & COMPLIANCE: eDiscovery & Classification; Information Management.

  10. Security Focus Areas – What to Prioritize and Protect. IDENTITY & ACCESS: Adaptive Identity governance; Adaptive access management; Adaptive privileged users. APP SECURITY: Static, Dynamic, & Runtime application testing; Application security-as-a-service. ENDPOINT SECURITY: Lifecycle management; Patching & containerization; Application virtualization; Mobile & server management. ANALYTICS & MACHINE LEARNING. DATA SECURITY: Data de-identification (encryption/tokenization); Key management; Hardware-based trust assurance; Messaging security. SECURITY OPERATIONS: Real-time detection; Workflow automation; Open source data ingestion; Hunt and investigation.

  11. Identity Powers the Future of IT. Cloud, Hybrid, On-Premise; Users, Devices, Things, Services; Salesforce, Workday, Office365, SAP, …; Azure, AWS, …. Identity: • Governance • Provisioning • Privileged Identity • Self Service • Social Registration • Unified Identity • Roles • Analytics • Data Security. Access: • Risk Based Access • SSO • Privileged Access • Federation • Multi-Factor • Mobile • Social Access • Analytics • Data Security. Insight: • SIEM • File Integrity • Privileged Monitoring • Configuration Monitoring • Change Monitoring • Analytics • Data Security.

  12. Identity Powered Security. Identity, Governance & Administration: Self Services, Self Service Password Reset, Identity Management, Identity Manager, Identity Governance & Compliance, Identity Governance.

  13. Identity Powered Security. Access: WebAccess, Access Manager, Enterprise Access, Secure Login.

  14. Identity Powered Security Authentication Advanced Authentication

  15. Identity Powered Security Privileged Accounts Privileged Account Manager Security Directory & Resource Administrator Secure Administration Group Policy Administrator

  16. Identity Powered Security SIEM Sentinel Change Guardian Reporting and Logging Activity Monitoring

  17. Identity Powered Security. Identity, Governance & Administration: Self Services, Self Service Password Reset, Identity Management, Identity Manager, Identity Governance & Compliance, Identity Governance. Access: WebAccess, Access Manager, Enterprise Access, Secure Login. Authentication: Advanced Authentication. Privileged Accounts: Privileged Account Manager, Secure Administration, Directory & Resource Administrator, Group Policy Administrator. SIEM: Reporting and Logging, Activity Monitoring.

  19. Best Approach: Build It In. The only way to keep up is to build security into your processes and tools. Key Concerns: • Business requires an increasing number of applications and faster release cycles – hard for security to keep up • Development and security teams are not integrated • Tools across different teams are not standardized. 90%: Percentage of security incidents from exploits against defects in the design or code of software. [1] 80%: Percentage of applications containing at least one critical or high vulnerability. [2] Source: [1] U.S. Department of Homeland Security’s U.S. Computer Emergency Response Team (US-CERT); [2] “2017 Application Security Research Update” by the HPE Software Security Research team, 2017.

  20. Best Approach: Build It In. The only way to keep up is to build security into your processes and tools. Solution Discussion: • The average cost of a security breach is $3.62M [1] • The key to effective application security is to build it in to the development process − Vulnerabilities found in the production/post-release phase are 30 times more costly to fix than vulnerabilities found earlier in the lifecycle. [2] Source: [1] 2017 Ponemon Institute Cost of Data Breach Study; [2] National Institute of Standards & Technology (NIST).

  21. The Only Way to Keep Up is to “Build It In”. [Figure: DevSecOps cycle. Dev: Create, Plan, Verify, Preprod. Ops: Prevent, Detect, Predict, Respond. Loop labels: Continuous Integration, Continuous Delivery, Continuous Deployment, Continuous Improvement, Continuous Configuration, Continuous Monitoring, Continuous Learning, Monitoring and Analytics. Callouts: Static Code Analysis: Static Code Analyzer (SCA); Dynamic Application Security Testing; Real-time Application Self Protection.] Source: “10 Things to Get Right for Successful DevSecOps,” Gartner, Inc., 2017.

  22. Implementing an End-to-End AppSec Strategy. Static Code Analysis (SAST): Static Code Analyzer (SCA). Web Dynamic Testing (DAST): WebInspect. Runtime Protection (RASP): App Defender. Management Console. Lifecycle: Design, Code, Test, Integration & Staging, Production (Application Development to IT Operations).

  24. Endpoint Security: Securing the digital workspace. [Figure: USER WORKSPACE (Data, Devices, BYOD, Apps) with Self-services, Automation and User configuration; Single pane of glass: The ZENworks Control Center / Common End User Portal; User Based Compliance; Security. Capabilities listed: Configuration Management, Endpoint Security, Mobile Workspace, Service Desk, Patch Management, Desktop Containers, Asset Management, Full Disk Encryption (FDE).]
